Hello all,
Just received word from Google Maps that as of March 2, 2010 they are going to begin requiring that calls to their webservices (static maps, geocoding, others to follow) be signed using an HMAC-SHA-1 signature. Their documentation at http://code.google.com/apis/maps/documentation/premier/guide.html#signatureprocess only covers signatures generated server-side by Python, Java and C#. PL/SQL is my only option.
I have little to no knowledge of signing requests, let alone using HMAC-SHA-1. I found an article on the Google Checkout board: http://groups.google.com/group/google-checkout-api-other/msg/f3d1f4eb1cd21172 where it appears the guy figured out how to generate an HMAC-SHA-1 key via PL/SQL. I gave the code a try using the test string and test key from Google's documentation above, but it is generating a different signature than what the documentation says it should generate.
Here is a simplified version of the code I found on the Google Checkout board, with the sample key and string from Google's documentation:
DECLARE
l_key VARCHAR(100) := 'vNIXE0xscrmjlyV-12Nj_BvUPaw=';
l_string VARCHAR2(100) := utl_url.escape('/maps/api/geocode/json?address=New+York&' || 'sensor=false');
l_sig_mac RAW(2000);
l_base64_sig_mac VARCHAR2(2000);
BEGIN
l_sig_mac :=
DBMS_CRYPTO.mac(UTL_I18N.string_to_raw(l_string, 'AL32UTF8'), DBMS_CRYPTO.hmac_sh1,
UTL_I18N.string_to_raw(l_key, 'AL32UTF8'));
l_base64_sig_mac := UTL_RAW.cast_to_varchar2(UTL_ENCODE.base64_encode(l_sig_mac));
DBMS_OUTPUT.put_line('MAC Signature (Base64-encoded): ' || l_base64_sig_mac);
END;
Any thoughts on what I might be doing wrong?
Many thanks,
John